Tampering with computer systems is a major problem faced by users of shared access terminals and users of personal computers that are not physically protected against access. The most common form of tampering is file modification for the purposes of installing Trojans or viruses on a victim's terminal. If the attacker has physical access to the system's disk, the attacker may further modify the configuration of anti-virus and other security software, allowing the tampering to go undetected.
Current solutions for detecting disk tampering rely on host software. However the host software itself can be easily circumvented or modified to avoid detection.